package com.ktjy.unti;

import com.ktjy.pojo.SysRight;
import com.ktjy.service.SysRightService;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.StringUtils;

import java.io.Serializable;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

@Configuration
public class ShiroConfig  implements Serializable {
    @Autowired
    SysRightService sysRightService;
    @Bean
    public HashedCredentialsMatcher getHashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        hashedCredentialsMatcher.setHashIterations(1);
        return hashedCredentialsMatcher;
    }
    @Bean
    public Realm getRealm() {
        CustomRealm customRealm = new CustomRealm();
        //设置域开启缓存
        customRealm.setAuthorizationCachingEnabled(true);
//        customRealm.setAuthenticationCachingEnabled(true);
        customRealm.setAuthorizationCacheName("authorizationCacheName");
        //设置加密方式
        customRealm.setCredentialsMatcher(getHashedCredentialsMatcher());
        return customRealm;
    }

    public RedisManager getRedisManager() {
        RedisManager manager = new RedisManager();
        return manager;
    }


//    @Bean
    public RedisCacheManager getRedisCacheManager() {
        RedisCacheManager redisCacheManager = new RedisCacheManager();
        redisCacheManager.setRedisManager(getRedisManager());
        redisCacheManager.setPrincipalIdFieldName("usrId");
        return redisCacheManager;
    }


    public RedisSessionDAO getRedisSessionDAO() {
        RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
        redisSessionDAO.setRedisManager(getRedisManager());
        return redisSessionDAO;
    }

    public DefaultWebSessionManager getDefaultWebSecurityManager() {
        DefaultWebSessionManager defaultWebSecurityManager = new DefaultWebSessionManager();
        defaultWebSecurityManager.setSessionDAO(getRedisSessionDAO());
        return defaultWebSecurityManager;
    }

    @Bean
    public SecurityManager getSecurityManager() {
        DefaultWebSecurityManager defaultSecurityManager = new DefaultWebSecurityManager(getRealm());
        defaultSecurityManager.setCacheManager(getRedisCacheManager());
        defaultSecurityManager.setSessionManager(getDefaultWebSecurityManager());
        return defaultSecurityManager;
    }

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(getSecurityManager());
        Map<String, String> map = new LinkedHashMap<>();
        map.put("/css/*", "anon");
        map.put("/fonts/*", "anon");
        map.put("/images/*", "anon");
        map.put("/js/*", "anon");
        map.put("/localcss/*", "anon");
        map.put("/localjs/*", "anon");
        map.put("/role/list/", "anon");

        map.put("/", "anon");
        map.put("/doLogin", "anon");
        map.put("/logout", "anon");
        List<SysRight> list = sysRightService.list();
        for (SysRight sysRight : list) {
            if (StringUtils.hasText(sysRight.getRightUrl())) {
                map.put(sysRight.getRightUrl(), "perms[" + sysRight.getRightCode() + "]");
            }
        }
        map.put("/*", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        shiroFilterFactoryBean.setUnauthorizedUrl("/403");
        return shiroFilterFactoryBean;
    }
}
